Keith Donald (Migrated from SEC-1738) said:
I upgraded to Spring Security 3.1.0.RC2 and found openId4java and guice2.0 on my classpath. My application requires neither. spring-security-config seems to be requiring them and they're coming in transitively. As a workaround, I excluded openid for now.
Rob Winch said:
Thank you for the bug report. I have checked in a fix. I validated the pom that is generated no longer contains a compile time dependency to openid4java which will also eliminate the guice dependency.